Description:
The IT Security & Compliance Manager is responsible for developing, updating, deploying and monitoring adherence to policies, processes and standards related to organisational and technical security. Being a SPOC for all aspects of cybersecurity within HMUK and leading incidents resolution.
We Want You To:
- Risk Assessment and Management - Assess and identify potential security threats, vulnerabilities and developing strategies to mitigate these risks. Establish a vulnerability management process aligned with headquarters guidelines.
- Policy Development and Enforcement – Create, maintain, update and enforce information security policies and procedures within the organisation to ensure compliance with relevant laws and standards.
- Compliance Monitoring – manage the organisations adherence to security policies and regulatory requirements. Prepare compliance reports for HoS according to established frequency and on request.
- Incident Response – managing security incidents, including detection, response and reporting to ensure minimal impact to the business.
- Training and Awareness – educating employees about security policies, procedures and best practices to foster a culture of security awareness. Prepare and execute an annual training plan.
- Support HoS to develop the optimized security strategy and the roadmap in conjunction with headquarters and Legal Dpt.
- Lead & Implement security projects aligned with this roadmap.
- Work collaboratively with Governance & Compliance Manager and Legal dept to validate and approve the security measures established by suppliers who have access to HMUK data/ systems and any other activities that will require security measures review and approval
- Be a key member of Data Breach Task force, Disaster management team, Business continuity team etc to manage and resolve all issues related to cybersecurity aspects of the incident.
- Maintain an up-to-date understanding of regulatory requirements, industry changes and challenges in the field of IT cybersecurity